| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
| |
This would also release any resources held via references from these
callbacks.
I'm not sure why we don't just re-new() the whole thing.
Related to #1382
|
| |
|
|
|
| |
Also special thanks to timeless, for wordlessly reminding me to check
for typos.
|
| |
|
|
|
|
| |
Because of the way the previous pubsub service is carried access module
reloads, it would retain the configuration options with their previous
values from when the service was first created.
|
| |
|
|
|
| |
Maybe the 'service' in the outer scope should be moved down to minimize
overlap with other functions that receive the same service as argument?
|
| | |
|
| |
|
|
|
|
| |
XEP-0060 says that this the way to indicate that 'persistent-items' is
unsupported, but doesn't explicitly say if it being disabled in the node
configuration also counts as unsupported.
|
| |
|
|
|
|
|
|
| |
This behavior came from some confusion over the meaning of
persist_items. The correct behavior is that items are only stored when
it is set to true. When set to false, the service becomes a "pure"
publish-subscribe service, where items are forgotten immediately after
broadcasting.
|
| |
|
|
|
|
| |
Since nodes were always persistent according to the XEP-0060 definition.
Whether data is stored in memory or on disk was not what this setting
was meant for.
|
| |
|
|
|
| |
The publisher is already there on the item when the broadcaster gets it,
so it needs to do the opposite thing.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
All the XEP-0060 examples have the publisher attribute set to a bare
JID, but the text does allow it to be the full JID.
Since mod_pubsub is more likely used for open nodes that anyone can
subscribe to it makes sense to not leak the full JIDs. This is also
disabled by defaults.
In mod_pep on the other hand it might make sense to have the full JID
since that data is more likely to be broadcast to contacts which are
already somewhat trusted.
|
| | |
|
| | |
|
| |\ |
|
| | |
| |
| |
| |
| |
| | |
Fixes https://prosody.im/security/advisory_20210722/
Backs out 4d7b925652d9
|
| | |
| |
| |
| |
| | |
Optimizes away all the processing on every message in case the
end-result is zero history.
|
| | |
| |
| |
| |
| |
| |
| | |
This way 'extra' is unique for each connect() instance, making it safer
to mutate it, while inheriting the global settings.
See 926d53af9a7a for some more context.
|
| | |
| |
| |
| |
| | |
This could happen with Dialback-only connections or others that were
missing the stream 'to' attribute.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Given an incoming <stream:stream from="example.com"> this line would
have mistakenly reported the 'from' as the local host. Neither are
technically required and may be missing, especially on connections used
only for Dialback.
Outgoing connections initiated by Prosody always have 'from_host' and
'to_host', so it is safer to check it this way.
|
| | | |
|
| | |
| |
| |
| |
| |
| | |
Couldn't use those with the host being deactivated.
Problem: This kicks in on reload, which isn't needed.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Increases log level for stream conditions that could indicate a problem
on our end, especially programming errors like invalid XML, or the
remote server saying that our certificate is invalid, since these should
be investigated.
Non-issues like closing of idle streams are lowered to debug since it's
mostly noise.
Other issues left at info are mostly about changes to the remote server,
e.g. complete or partial shutdown.
|
| | | |
|
| | |
| |
| |
| |
| |
| | |
Reduces the number of left-over timers to handle after many s2s
connections were started, leaving only the ones related to incomplete
connections.
|
| | |
| |
| |
| |
| |
| | |
This should probably never happen, but probably does anyways.
A debug message would show the truth of the matter.
|
| | |
| |
| |
| |
| | |
Nicer to get rid of a conditional that covers such a large portion of a
pretty big function.
|
| | |
| |
| |
| |
| | |
These direct accesses are probably more optimized, but weird when the
module API has methods for these things.
|
| | |
| |
| |
| | |
It isn't quite an error.
|
| | | |
|
| | | |
|
| | |
| |
| |
| | |
Goal is to have some accountability for these privileged actions.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
This doesn't really make sense today. It doesn't even work with
mod_auth_internal_hashed, which should be the default. And even with a
supporting authentication module, why would we just hand out the
password? One use case may be to recover a forgotten password. While not
yet included with Prosody, there are better ways to handle forgotten
passwords, usually by resetting them to a new password.
|
| | |
| |
| |
| |
| |
| | |
Fixes #1643
API change: The argument to archive_itemstore() changes type to integer
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Because during startup, if all items are provided by a different module
(e.g. mod_turn_external) then this would log a scary warning even if
everything is fine after that other module has been loaded.
This way, any persistent problematic state is reported in the console.
Errors with individual items should still be reported by prepare().
Now, if you load mod_external_services alone without configuring any
services, no error or warning is reported in the log, but maybe that's
not so bad with it reported in the console.
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| | |
This ensures that problems with entries added other modules, e.g.
mod_turn_external, are reported on startup. However, this depends on
load order and whether a `module:depends()` call comes before the
`module:add_item()` call. A followup commit will do something about
that.
|
| | | |
|
| | |
| |
| |
| | |
Should have been removed in the previous commit.
|
| | |
| |
| |
| | |
See previous commit to mod_c2s: a62146353528
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
The :info() method has been observed to return nothing ... sometimes.
Unclear what causes it. Perhaps the TLS connection was shut down or
hasn't fully settled?
The LuaSec code has code paths that return nothing or nil, error, so it
is best to guard against it.
|
| | |
| |
| |
| | |
^C^V
|
| | | |
|
| | |
| |
| |
| |
| | |
This only differs from 'legacy_ssl' in name, at least on the server
side. For clients this is the one that uses SRV records.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
X-Frame-Options was replaced by the Content-Security-Policy
'frame-ancestors' directive, but Internet Explorer does not support that
part of CSP.
Since it's just one line it doesn't hurt to keep until some future
spring cleaning event :)
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Fixes "attempt to compare number with nil" because `session.version` has
been cleared by s2smanager.destroy_session.
This can happen with the server_epoll setting opportunistic_writes
enabled, which means that it can notice that the connection failed at
this point, after which it triggers the whole chain of events that leads
to session destruction and "cleaning" most of the session fields.
|
| | | |
|
| | |
| |
| |
| |
| | |
Some items like HTTP providers would be very verbose, others are tricky
to handle.
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| |
| | |
Hosts have a metatable __tostring method that produces a nice
representation such as `VirtualHost "example.com"`, which even includes
the component module for internal components.
|
| | | |
|
